ISO 21177:2024
(Main)Intelligent transport systems — ITS station security services for secure session establishment and authentication between trusted devices
Intelligent transport systems — ITS station security services for secure session establishment and authentication between trusted devices
This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities, i.e.: — between devices operated as bounded secured managed entities, i.e. "ITS Station Communication Units" (ITS-SCU) and "ITS station units" (ITS-SU) as specified in ISO 21217; and — between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks. These services include the authentication and secure session establishment which are required to exchange information in a trusted and secure manner. These services are essential for many intelligent transport system (ITS) applications and services, including time-critical safety applications, automated driving, remote management of ITS stations (ISO 24102-2), and roadside/infrastructure-related services.
Systèmes de transport intelligents — Services de sécurité des stations ITS pour l’établissement et l’authentification des sessions sécurisées entre dispositifs de confiance
Le présent document contient les spécifications d'un ensemble de services de sécurité des stations ITS nécessaires pour garantir l'authenticité de la source et l'intégrité des informations échangées entre des entités de confiance, c'est-à-dire: — entre des dispositifs exploités en tant qu'entités délimitées gérées de manière sécurisée, c'est-à-dire les «unités de communication de station ITS» (ITS-SCU) et les «unités de station ITS» (ITS-SU) comme spécifié dans l'ISO 21217; et — entre les ITS-SU (composées d'une ou plusieurs ITS-SCU) et les entités de confiance externes telles que les réseaux de capteurs et de contrôle. Ces services comprennent l'authentification et l'établissement de sessions sécurisées, nécessaires pour échanger des informations dans le cadre d'une relation de confiance et de manière sécurisée. Ces services sont essentiels pour de nombreux services et applications de systèmes de transport intelligents (ITS), notamment les applications de sécurité revêtant un caractère d'urgence, la conduite automatisée, la gestion à distance des stations ITS (ISO 24102-2), et les services routiers liés aux infrastructures.
General Information
Relations
Buy Standard
Standards Content (Sample)
International
Standard
ISO 21177
Second edition
Intelligent transport systems —
2024-03
ITS station security services for
secure session establishment
and authentication between
trusted devices
Systèmes de transport intelligents — Services de sécurité des
stations ITS pour l’établissement et l’authentification des sessions
sécurisées entre dispositifs de confiance
Reference number
ISO 21177:2024(en) © ISO 2024
---------------------- Page: 1 ----------------------
ISO 21177:2024(en)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO 2024 – All rights reserved
ii
---------------------- Page: 2 ----------------------
ISO 21177:2024(en)
Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Overview . 4
5.1 General description, relationship to transport layer security (TLS) and relationship to
application specifications .4
5.2 Goals .5
5.3 Architecture and functional entities .5
5.4 Cryptomaterial handles .10
5.5 Session IDs and state .10
5.6 Access control and authorization state .11
5.7 Application level non-repudiation .11
5.8 Service primitive conventions .11
6 Process flows and sequence diagrams .12
6.1 General .
...
Norme
internationale
ISO 21177
Deuxième édition
Systèmes de transport
2024-03
intelligents — Services de
sécurité des stations ITS pour
l’établissement et l’authentification
des sessions sécurisées entre
dispositifs de confiance
Intelligent transport systems — ITS station security services for
secure session establishment and authentication between trusted
devices
Numéro de référence
ISO 21177:2024(fr) © ISO 2024
---------------------- Page: 1 ----------------------
ISO 21177:2024(fr)
DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2024
Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette
publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,
y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut
être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
© ISO 2024 – Tous droits réservés
ii
---------------------- Page: 2 ----------------------
ISO 21177:2024(fr)
Sommaire Page
Avant-propos .vi
Introduction .vii
1 Domaine d'application . 1
2 Références normatives . 1
3 Termes et définitions . 1
4 Abréviations . 3
5 Présentation . 4
5.1 Description générale, relations avec la sécurité de la couche transport (TLS) et
relations avec les spécifications des applications .4
5.2 Objectifs .5
5.3 Architecture et entités fonctionnelles .6
5.4 Pointeurs d'élément cryptographique .11
5.5 État et ID de session .11
5.6 Contrôle d'accès et état d'autorisation . 12
5.7 Non-répudiation au niveau de l'application . 12
5.8 Conventions applicables aux primitives de service . 13
6 Flux de processus et diagrammes séquentiels .13
6.1 Généralités . 13
6.2 Vue d'ensemble des flux de processus .
...
FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 21177
ISO/TC 204
Intelligent transport systems —
Secretariat: ANSI
ITS station security services for
Voting begins on:
2023-11-13 secure session establishment and
authentication between trusted
Voting terminates on:
2024-02-05
devices
Systèmes de transport intelligents — Services de sécurité des stations
ITS pour l’établissement et l’authentification des sessions sécurisées
entre dispositifs de confiance
ISO/CEN PARALLEL PROCESSING
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/FDIS 21177:2023(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO 2023
---------------------- Page: 1 ----------------------
ISO/FDIS 21177:2023(E)
FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 21177
ISO/TC 204
Intelligent transport systems —
Secretariat: ANSI
ITS station security services for
Voting begins on:
secure session establishment and
authentication between trusted
Voting terminates on:
devices
Systèmes de transport intelligents — Services de sécurité des stations
ITS pour l’établissement et l’authentification des sessions sécurisées
entre dispositifs de confiance
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
ISO/CEN PARALLEL PROCESSING
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
ISO copyright office
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
CP 401 • Ch. de Blandonnet 8
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
CH-1214 Vernier, Geneva
DOCUMENTATION.
Phone: +41 22 749 01 11
IN ADDITION TO THEIR EVALUATION AS
Reference number
Email: copyright@iso.org
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO
ISO/FDIS 21177:2023(E)
Website: www.iso.org
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
Published in Switzerland
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN
DARDS TO WHICH REFERENCE MAY BE MADE IN
ii
© ISO 2023 – All rights reserved
NATIONAL REGULATIONS. © ISO 2023
---------------------- Page: 2 ----------------------
ISO/FDIS 21177:2023(E)
Contents Page
Foreword . vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Overview . 4
5.1 General description, relationship to transport layer security (TLS) and
relationship to application specifications . 4
5.2 Goals . 5
5.3 Architecture and functional entities .
...
INTERNATIONAL STANDARD
ISO /FDIS 21177:2023(E)
ISO /TC 204/WG 18
Secretariat: ANSI
Date: 2023-0410-30
Intelligent transport systems — ITS station security services for
secure session establishment and authentication between trusted
devices
Systèmes de transport intelligents — Services de sécurité de la stationdes stations ITS pour
l'établissementl’établissement et l'authentificationl’authentification des sessions sécurisées entre
dispositifs de confiance
FDIS stage
---------------------- Page: 1 ----------------------
ISO/FDIS 21177:2023(E)
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this
publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical,
including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can
be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
EmailE-mail: copyright@iso.org
Website: www.iso.orgwww.iso.org
Published in Switzerland
ii © ISO 2023 – All rights reserved
ii © ISO 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/FDIS 21177:2023(E)
Contents
Foreword . xi
Introduction . xiii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Overview . 4
5.1 General description, relationship to transport layer security (TLS) and relationship to application
specifications . 4
5.2 Goals . 5
5.3 Architecture and functional entities . 6
5.4 Cryptomaterial handles . 13
5.5 Session IDs and state . 13
5.6 Access control and authorization state . 13
5.7 Application level non-repudiation . 14
5.8 Service primitive conventions . 14
6 Process flows and sequence diagrams . 15
6.1 General . 15
6.2 Overview of process flows . 15
6.3 Sequence diagram conventions . 16
6.4 Configure .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.